Re: [Samba] samba 4.8.3 samba_dnsupdate odd long timeouts
- Date: Fri, 29 Jun 2018 08:15:48 +0200
- From: Kacper Wirski via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] samba 4.8.3 samba_dnsupdate odd long timeouts
To follow up on my own question:
I still have no idea what caused this behaviour with dnsupdate, but
removing DC with:
- first demote
- then remove-other-dead-server (I noticed it clears in much better way
- removing whole samba dir and reinstalling it
- and simply re-joining this DC solved this issue, samba_dnsupdate
--all-names completed in seconds with success.
Weird, at least for me, whatsoever, but if fixed "itself", I won't complain.
W dniu 28.06.2018 o 18:20, Kacper Wirski via samba pisze:
I'll try to be as brief as possible.
I'm testing samba 4.8.3 on centos 7.5.
Fresh installation joined to existing AD domain that was ran with samba
I did add 2 DC's with 4.8.3, then removed all 4.7.6 DC's. Everything seemed
to work fine, except for adding DNS entries on one of the machines.
Samba by itself was unable to add them throwing error in log that dnsupdate
When running it with "samba_dnsupdate --verbose -d 10" it does eventually
complete, but it takes FOREVER, roughly 300 seconds to complete each update.
DNS backend is BIND, it's not my first adventure with samba 4 AD, so I t h
i n k I covered most of the basics, that is:
- proper ownership of files for "named"
- trying with and without SELinux
- veryfing /etc/krb5.conf /usr/local/samba/etc/smb.conf and /etc/named.conf
for oddities, but I'm at a loss.
Both 4.8.3 machines were created from same template, just different host
names and IP addresses.
One machine works perfectly fine (upgradedns finishes in ~2 seconds or
less), other one needs 5 minutes per entry (times 20+... yeah, forever).
What I already checked:
obviously connection between both boxes exists (replication works fine for
both machines are VM's running inside same hypervisor,
Right now both DC's use each other as DNS (so DC1 -> DC2 and DC2 -> DC1). I
tried changing it in whatever way, but resulstts were the same, DC2 works
prefectly, DC1 is unable to complete this job in reasonable time.
My smb.conf is pretty basic (standard what was created during join) + added
secure dns updates.
On the machine with slow dns update kerberos ticket is obtained without
issues, but for whatever reason it just takes time, as if machine was
timing out on something.
Also, there are no errors, and each timeout is roughly 250-300 seconds..
To unsubscribe from this list go to the following URL and read the